From owner-freebsd-hackers@FreeBSD.ORG Wed Jun 17 18:24:35 2015 Return-Path: Delivered-To: freebsd-hackers@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0DBE69E1 for ; Wed, 17 Jun 2015 18:24:35 +0000 (UTC) (envelope-from erik+lists@cederstrand.dk) Received: from mailrelay3.public.one.com (mailrelay3.public.one.com [195.47.247.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D5C8DD2 for ; Wed, 17 Jun 2015 18:24:33 +0000 (UTC) (envelope-from erik+lists@cederstrand.dk) X-HalOne-Cookie: 3819c0602baaca470648df44191de22d93e2ac61 X-HalOne-ID: 3df66ac9-14d0-11e5-b2c1-b8ca3afa9d73 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cederstrand.dk; s=20140924; h=from:subject:date:message-id:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references; bh=k59D4ocLs8Obcii85SQF/qYb1C4Lj2YGgV8MnqOJFZU=; b=IR1AwO1ArZ30lcLUPEPelK1lMLp62JX4DRs7bUlyH8U32S8xOxX3ygCOy2CJIvDsjD5FPc/o/J5QB 3rlvotiVqYYKUfLNXNIscW/9PGf1oakXMK2XmwH9XF1ImVx+BNr2idkipvY0Z1gZt+PoROTlmoH3ti 0WVeu8NSaLz0FJC0= Received: from whopper.router9fbd7c.com (unknown [176.222.238.90]) by smtpfilter1.public.one.com (Halon Mail Gateway) with ESMTPSA; Wed, 17 Jun 2015 09:07:12 +0000 (GMT) Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\)) Subject: Re: reproducible builds of FreeBSD in a chroot on Linux From: Erik Cederstrand In-Reply-To: <201506162350.11646.holger@layer-acht.org> Date: Wed, 17 Jun 2015 11:07:12 +0200 Cc: freebsd-hackers@freebsd.org, reproducible-builds@lists.alioth.debian.org Content-Transfer-Encoding: quoted-printable Message-Id: <387AA935-C074-4F95-A465-E525F7F0E188@cederstrand.dk> References: <201505071122.36037.holger@layer-acht.org> <554B509B.8020608@fuckner.net> <201506162350.11646.holger@layer-acht.org> To: Holger Levsen X-Mailer: Apple Mail (2.2098) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jun 2015 18:24:35 -0000 > Den 16/06/2015 kl. 23.50 skrev Holger Levsen : >=20 > "Reproducible builds enable anyone to reproduce bit by bit identical = binary=20 > packages from a given source, so that anyone can verify that a given = binary=20 > derived from the source it was said to be derived. " - right now you = have to=20 > *believe* someone that the binary really comes from said source. And = you need=20 > to *believe* the system building it wasn't compromised... The build should be immune to the time of the build, of course. That's = fairly easy (e.g. use 'ar -D' consistently and leave DEBUG_FLAGS empty). But what about the user who started the build? This leaks to at least = sendmail config files. Being agnostic to the path to the src root (e.g. /usr/src or = /home/erik/freebsd/HEAD/src) requires rewriting the compiler __FILE__ = macro to insert a relative path, and make debuggers understand relative = paths. This is hard. The FreeBSD subversion revision is also leaked several places. I think reproduce builds are a noble goal and would enable all sorts of = smart analysis, e.g. which binaries are affected by a certain commit. = Just remember to define the requirements that need to be satisfied to = get reproduce builds. Erik=